Please see Security Advisories for the week ending October 22, 2021
- GPS Daemon (GPSD) Rollover Bug
- Cisco Releases Security Updates for IOS XE SD-WAN Software
- Google Releases Security Updates for Chrome
- Oracle Releases October 2021 Critical Patch Update
_______________________________
GPS Daemon (GPSD) Rollover Bug
Situation
A rollover bug in GPSD, the daemon that systems use to obtain timing information from GPS devices, will cause affected versions to report an incorrect date after October 24, 2021.
Problem
Because of the design of the GPS protocol, time rollback can be anticipated and is usually closely monitored by manufacturers. The next occurrence should have been in November 2038, but a bug in some sanity-checking code within GPSD would cause it to subtract 1024 from the week number on October 24, 2021. As a result, NTP servers using an affected GPSD version would show a time/date of March 2002 after October 24, 2021.
Implication
This could cause affected systems and services to become unavailable or unresponsive.
Need
CISA urges affected CI owners and operators to ensure that systems using GPSD to obtain timing information from GPS devices are running GPSD version 3.23 or newer.
For a brief overview:
https://us-cert.cisa.gov/ncas/current-activity/2021/10/21/gps-daemon-gpsd-rollover-bug
For a more technical overview:
https://isc.sans.edu/forums/diary/Keeping+Track+of+Time+Network+Time+Protocol+and+a+GPSD+Bug/27886/
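The arithmetic described under Problem, worked through as an added example (not GPSD's code and not part of the original advisory): it models the 1024-week subtraction and shows a monitoring check that flags a time source lagging a trusted reference by a multiple of 1024 weeks. The function names and sample data are hypothetical, the trigger date is the one stated above, and the GPS/UTC leap-second offset is ignored.

```python
from datetime import datetime, timedelta, timezone

GPS_EPOCH = datetime(1980, 1, 6, tzinfo=timezone.utc)  # start of GPS week 0
ROLLOVER = timedelta(weeks=1024)                       # the 1024-week subtraction
# Trigger date as stated in the advisory (October 24, 2021).
TRIGGER = datetime(2021, 10, 24, tzinfo=timezone.utc)


def gps_week(t):
    """Unwrapped GPS week number containing UTC time t (leap seconds ignored)."""
    return (t - GPS_EPOCH) // timedelta(weeks=1)


def faulty_time(t, trigger=TRIGGER):
    """Simplified model of the defect: from `trigger` on, the week loses 1024."""
    return t if t < trigger else t - ROLLOVER


def rollover_periods(reported, reference, tolerance=timedelta(hours=1)):
    """Return n >= 1 if `reported` lags `reference` by n * 1024 weeks, else 0."""
    lag = reference - reported
    n = round(lag / ROLLOVER)
    if n >= 1 and abs(lag - n * ROLLOVER) <= tolerance:
        return n
    return 0


if __name__ == "__main__":
    # Constructed sample: (source name, true UTC time, clock error of that source).
    samples = [
        ("gps-refclock", datetime(2021, 10, 23, 12, 0, tzinfo=timezone.utc), timedelta(0)),
        ("gps-refclock", datetime(2021, 10, 25, 12, 0, tzinfo=timezone.utc), timedelta(0)),
        ("drifting-rtc", datetime(2021, 10, 25, 12, 0, tzinfo=timezone.utc), timedelta(seconds=-2)),
    ]
    for name, true_time, error in samples:
        reported = faulty_time(true_time) if name == "gps-refclock" else true_time + error
        n = rollover_periods(reported, true_time)
        verdict = f"ALERT: {n} x 1024-week lag" if n else "ok"
        print(f"{name:13} week {gps_week(reported):4} {reported:%Y-%m-%d %H:%M} {verdict}")
```

Comparing a GPS-derived clock against an independent reference in this way distinguishes a rollover fault from ordinary drift, because the lag is an exact multiple of 1024 weeks rather than a few seconds.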
________________________________
Cisco Releases Security Updates for IOS XE SD-WAN Software
Situation
Cisco has released security updates to address a vulnerability in IOS XE SD-WAN Software, which could allow an authenticated, local attacker to execute arbitrary commands with root privileges.
Problem
The vulnerability is due to insufficient input validation by the system CLI. An attacker could exploit this vulnerability by authenticating to an affected device and submitting crafted input to the system CLI. A successful exploit could allow the attacker to execute commands on the underlying operating system with root privileges.
Implication
An authenticated local attacker could exploit this vulnerability to take control of an affected system.
Need
CISA encourages users and administrators to review Cisco Advisory cisco-sa-sd-wan-rhpbE34A and apply the necessary updates.
For a brief overview:
For a more technical overview:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-rhpbE34A
________________________________
Google Releases Security Updates for Chrome
Situation
Google has released Chrome version 95.0.4638.54 for Windows, Mac, and Linux.
Problem
This update addresses numerous vulnerabilities. The types covered include, but are not limited to: heap buffer overflow, use after free, out of bounds read, race conditions, insufficient validation, and inappropriate implementation. Please review the Google security bulletin linked below for full details.
Implication
This version addresses vulnerabilities that an attacker could exploit to take control of an affected system.
Need
CISA encourages users and administrators to review the Chrome Release Note and apply the necessary update as soon as possible.
For a brief overview:
https://us-cert.cisa.gov/ncas/current-activity/2021/10/20/google-releases-security-updates-chrome
For a more technical overview:
https://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop_19.html
________________________________
Oracle Releases October 2021 Critical Patch Update
Situation
Oracle has released 419 security patches for Oracle products. These updates address critical-level vulnerabilities in multiple Oracle products, including MySQL, Oracle Agile, Oracle Java SE, VM VirtualBox, and many more.
Problem
A large number of vulnerabilities have been found and patched, and a large number of them can be exploited remotely.
Implication
If an attacker successfully exploits some of these vulnerabilities, it could allow them to take control of an affected system.
Need
Apply the patches as soon as possible.
For more information: https://www.oracle.com/security-alerts/cpuoct2021.html